From patchwork Fri Jan 25 15:59:46 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Westphal X-Patchwork-Id: 1031163 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=strlen.de Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43mNyN6Nvzz9s4s for ; Sat, 26 Jan 2019 02:59:56 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726311AbfAYP7z (ORCPT ); Fri, 25 Jan 2019 10:59:55 -0500 Received: from Chamillionaire.breakpoint.cc ([146.0.238.67]:39584 "EHLO Chamillionaire.breakpoint.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726252AbfAYP7z (ORCPT ); Fri, 25 Jan 2019 10:59:55 -0500 Received: from fw by Chamillionaire.breakpoint.cc with local (Exim 4.89) (envelope-from ) id 1gn3tZ-000113-Tf; Fri, 25 Jan 2019 16:59:54 +0100 From: Florian Westphal To: Cc: Florian Westphal Subject: [RFC nft] evaluate: kill anon sets with one element Date: Fri, 25 Jan 2019 16:59:46 +0100 Message-Id: <20190125155946.18259-1-fw@strlen.de> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org pretends that ip saddr { 1.1.1.1 } is ip saddr 1.1.1.1 Needs more work (breaks dumps in test cases afaics). Is that a good idea in first place? I see various new users adopting { single-value } probably due to copying/adapting a "{ foo, bar }" rule to "{ foo }"... --- src/evaluate.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/evaluate.c b/src/evaluate.c index 0bda431d5a16..e922b7f9fb26 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -1251,11 +1251,13 @@ static int expr_evaluate_set_elem(struct eval_ctx *ctx, struct expr **expr) static int expr_evaluate_set(struct eval_ctx *ctx, struct expr **expr) { struct expr *set = *expr, *i, *next; + unsigned int count = 0; list_for_each_entry_safe(i, next, &set->expressions, list) { if (list_member_evaluate(ctx, &i) < 0) return -1; + count++; if (i->ops->type == EXPR_SET_ELEM && i->key->ops->type == EXPR_SET_REF) return expr_error(ctx->msgs, i, @@ -1286,6 +1288,22 @@ static int expr_evaluate_set(struct eval_ctx *ctx, struct expr **expr) set->set_flags |= NFT_SET_INTERVAL; } + if (!ctx->set && count == 1) { + i = list_first_entry(&set->expressions, struct expr, list); + if (i->ops->type == EXPR_SET_ELEM) { + switch (i->key->ops->type) { + case EXPR_RANGE: + case EXPR_VALUE: + *expr = i->key; + i->key = NULL; + expr_free(set); + return 0; + default: + break; + } + } + } + set->set_flags |= NFT_SET_CONSTANT; set->dtype = ctx->ectx.dtype;